summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/vpn
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/bitmask/vpn')
-rwxr-xr-xsrc/leap/bitmask/vpn/helpers/linux/bitmask-root9
-rw-r--r--src/leap/bitmask/vpn/process.py3
-rw-r--r--src/leap/bitmask/vpn/tunnel.py22
3 files changed, 19 insertions, 15 deletions
diff --git a/src/leap/bitmask/vpn/helpers/linux/bitmask-root b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
index 80ac12e..cad082b 100755
--- a/src/leap/bitmask/vpn/helpers/linux/bitmask-root
+++ b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
@@ -73,7 +73,7 @@ def get_no_group_name():
return None
-VERSION = "6"
+VERSION = "7"
SCRIPT = "bitmask-root"
NAMESERVER = "10.42.0.1"
BITMASK_CHAIN = "bitmask"
@@ -105,7 +105,8 @@ FIXED_FLAGS = [
"--management-signal",
"--script-security", "1",
"--user", "nobody",
- "--remap-usr1", "SIGTERM",
+ "--persist-key",
+ "--persist-tun",
]
if OPENVPN_GROUP is not None:
@@ -121,7 +122,8 @@ ALLOWED_FLAGS = {
"--cert": ["FILE"],
"--key": ["FILE"],
"--ca": ["FILE"],
- "--fragment": ["NUMBER"]
+ "--fragment": ["NUMBER"],
+ "--keepalive": ["NUMBER", "NUMBER"],
}
PARAM_FORMATS = {
@@ -964,6 +966,7 @@ def main():
else:
bail("ERROR: No such command")
+
if __name__ == "__main__":
debug(" ".join(sys.argv))
main()
diff --git a/src/leap/bitmask/vpn/process.py b/src/leap/bitmask/vpn/process.py
index 19115d6..b9c8456 100644
--- a/src/leap/bitmask/vpn/process.py
+++ b/src/leap/bitmask/vpn/process.py
@@ -252,7 +252,8 @@ class _VPNProcess(protocol.ProcessProtocol):
# shutdown
def terminate(self):
- self.proto.signal('SIGTERM')
+ if self.proto:
+ self.proto.signal('SIGTERM')
def kill(self):
try:
diff --git a/src/leap/bitmask/vpn/tunnel.py b/src/leap/bitmask/vpn/tunnel.py
index d9a8be3..7c2274a 100644
--- a/src/leap/bitmask/vpn/tunnel.py
+++ b/src/leap/bitmask/vpn/tunnel.py
@@ -31,8 +31,6 @@ from .process import VPNProcess
# TODO ----------------- refactor --------------------
-# [ ] register change state listener
-# emit_async(catalog.VPN_STATUS_CHANGED)
# [ ] catch ping-restart
# 'NETWORK_UNREACHABLE': (
# 'Network is unreachable (code=101)',),
@@ -40,6 +38,8 @@ from .process import VPNProcess
# "SIGTERM[soft,tls-error]",),
# TODO ----------------- refactor --------------------
+RESTART_WAIT = 2 # in secs
+
class ConfiguredTunnel(object):
@@ -82,8 +82,8 @@ class ConfiguredTunnel(object):
defer.returnValue(started)
@defer.inlineCallbacks
- def stop(self):
- stopped = yield self._stop_vpn(restart=False)
+ def stop(self, restart=False):
+ stopped = yield self._stop_vpn(restart=restart)
defer.returnValue(stopped)
# status
@@ -110,14 +110,14 @@ class ConfiguredTunnel(object):
vpnproc = VPNProcess(*args, **kwargs)
self._vpnproc = vpnproc
- self.__start_pre_up(vpnproc)
- cmd = self.__start_get_cmd(vpnproc)
-
- running = yield self.__start_spawn_proc(vpnproc, cmd)
- if running:
+ try:
+ self.__start_pre_up(vpnproc)
+ cmd = self.__start_get_cmd(vpnproc)
+ running = yield self.__start_spawn_proc(vpnproc, cmd)
vpnproc.pid = running.pid
defer.returnValue(True)
- else:
+ except Exception:
+ # TODO need to propagate the error message properly.
defer.returnValue(False)
def __start_pre_up(self, proc):
@@ -150,7 +150,7 @@ class ConfiguredTunnel(object):
def _restart_vpn(self):
yield self.stop(restart=True)
reactor.callLater(
- self.RESTART_WAIT, self.start)
+ RESTART_WAIT, self.start)
@defer.inlineCallbacks
def _stop_vpn(self, restart=False):